Cyber Threat Predictive Analytics for Improving Cyber Supply Chain Security

Abstract: A Cyber Supply Chain (CSC) system is complex and involves different sub-systems performing various tasks. Security in the supply chain is challenging due to the inherent vulnerabilities and threats from any part of the system, which can be exploited at any point within the supply chain. This can cause severe disruption to overall business continuity. Therefore, it is of paramount importance to understand and predict the threats so that an organization can undertake the necessary control measures for supply chain security. Cyber Threat Intelligence (CTI) provides an intelligence analysis to discover unknown to known threats using various properties, including threat actor skill and motivation, Tactics, Techniques, and Procedures (TTP), and Indicators of Compromise (IoC). This paper aims to analyse and predict threats to improve cyber supply chain security. We have applied Cyber Threat Intelligence (CTI) with Machine Learning (ML) techniques to analyse and predict the threats based on the CTI properties. This allows the inherent CSC vulnerabilities to be identified so that appropriate control actions can be undertaken for overall cyber security improvement. To demonstrate the applicability of our approach, CTI data is gathered and a number of ML algorithms, i.e., Logistic Regression (LG), Support Vector Machine (SVM), Random Forest (RF), and Decision Tree (DT), are used to develop predictive analytics using the Microsoft Malware Prediction dataset. The experiment considers attack and TTP as input parameters and vulnerabilities and Indicators of Compromise (IoC) as output parameters. The prediction results reveal that Spyware/Ransomware and spear phishing are the most predictable threats in CSC. We have also recommended relevant controls to tackle these threats. We advocate using CTI data for the ML predictive model for overall CSC cyber security improvement.
 • Cyber Threat Intelligence (CTI) provides technical indicators, context, and actionable advice relating to existing and emerging threats.
 • CTI provides evidence-based knowledge of threat actors' motives, intents, TTPs, and indicators of compromise (IoC), and of control mechanisms relating to existing and emerging threats.
 • We used AUC_ROC (Area Under Curve – Receiver Operating Characteristics) to model the selection metric for the bi-multiclass classification problem to distinguish between the probabilities of the given classes.
 • A cyber security incident reporting platform provides individuals and organizations with a system to report cyber incidents they have experienced unexpectedly, any unusual network issues, or suspected fraud or cybercrime activities.
 • The proposed approach includes additional concepts related to CSC such as supply chain actor and controls.
 • A dynamic privacy protection model was proposed by to address threats relating to wireless communication.
 • We used a running example from a smart grid system to analyze the proposed approach and demonstrate the applicability of the work.
 • The goal of the ML techniques is to evaluate if the algorithm can predict the performance of classification as an attack or not after a training phase.
 • The approach adopts the CTI process to gather and analyse the threat data and ML techniques to predict the threat.
 • ML techniques are used on classification algorithms to learn a dataset for performance accuracies and predictive analytics.
